PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-08 21:51:28 +00:00
Code Issues Projects Releases Wiki Activity
11,397 Commits 2 Branches 0 Tags
a67e68b2d41580e81e8773aacad5c47e102f1ccf
Commit Graph

567 Commits

Author SHA1 Message Date
patrik
e50d65755b * Add a new script snmp-ios-config that pulls the config from a Cisco devices 
using SNMP and tftp. The script was created by Vikas Singhal.
* Add tftp library, used by the snmp-ios-config script, that acts as a server
  and receives the config file from the device. [Patrik]
 2011-02-22 09:13:03 +00:00
david
181951a2c6 Move db2-discover out of "discovery" and into "safe", like the other 
scripts that behave like it does.
 2011-01-24 07:22:07 +00:00
fyodor
f037a54cd7 Update Nmap version number to 5.36TEST4 in prep for the next release in a day or two and regenerate relevant files 2011-01-20 10:29:18 +00:00
patrik
583f65227c o [NSE] Added support for dynamic updates to the DNS library. Added the 
script dns-update.nse, which attempts to add a DNS record to a given zone.
  [Patrik]
 2011-01-14 15:15:24 +00:00
david
e54e940b10 Take broadcast-dropbox-listener out of "discovery" and put it in 
"broadcast".
 2011-01-13 07:18:03 +00:00
david
c7909b0b05 Rename p2p-dropbox-listener.nse to broadcast-dropbox-listener.nse. 2011-01-13 07:17:59 +00:00
david
6fbd739fac o [NSE] Added p2p-dropbox-listener.nse, which listens for Dropbox 
LanSync broadcasts and can optionally add discovered hosts to the
  scan queue. [Ron Bowes, Mak Kolybabi, Andrew Orr, Russ Tait Milne]
 2011-01-13 07:17:55 +00:00
david
a0f2fdbdb3 Move all broadcast-* scripts from the "discovery" category to 
"broadcast" (new category).
 2011-01-13 06:21:53 +00:00
fyodor
05f7c6ae07 Remove minecraft-auth for now -- see http://seclists.org/nmap-dev/2011/q1/85 2011-01-12 07:51:30 +00:00
david
42c14f507e Take minecraft-auth out of "vuln" and put it in "auth". From reading the 
Tumblr post, this sounds more like a way for people to set up a private
server on a LAN among trusted users than a vulnerability. Also link the
Tumblr post in the description.
 2011-01-10 01:14:16 +00:00
david
68ac93f69a o [NSE] Added minecraft-auth.nse by Toni Ruotto. It checks for 
Minecraft game servers that don't check usernames against a master
  server.
 2011-01-10 01:14:15 +00:00
david
2592194732 Add nrpe-enum.nse by Mak Kolybabi. 2011-01-09 03:43:41 +00:00
david
0658e53070 Add gopher-ls.nse by Toni Ruotto. 2010-12-29 18:46:16 +00:00
david
ad40df2c9b Add modbus-discover.nse from Alexander Rudakov. 2010-12-16 08:59:16 +00:00
patrik
c9ba464c28 Renamed domino-enum-passwords script to http-domino-enum-passwords 2010-12-15 08:52:31 +00:00
david
573088f99c Change categories of netbus-auth-bypass from {"default", "vuln", "safe"} 
to {"auth", "intrusive", "vuln"}. The first categories are the same as
in realvnc-auth-bypass, which would seems to be a very similar script,
but netbus-auth-bypass can have the additional side effect of breaking
future authentication attempts for all users, which is solidly
intrusive.
 2010-12-13 18:00:06 +00:00
david
90a2819a04 o [NSE] Added scripts by Toni Ruotto communicating with the NetBus 
remote administration/backdoor program.
  - netbus-info: gets configuration information.
  - netbus-brute: guesses passwords.
  - netbus-version: distinguishes NetBus from NetBuster, a program
    that mimics the protocol but doesn't actually allow any
    operations.
  - netbus-auth-bypass: Checks for a bug in the server that allows
    connecting without a password.
 2010-12-13 18:00:02 +00:00
david
a7e80b4cf3 Update script.db. 2010-12-13 17:30:08 +00:00
david
ccd901f918 Put realvnc-auth-bypass.nse in "auth" category. 2010-12-13 17:30:06 +00:00
patrik
46cdf28fce o [NSE] Added a new iSCSI library and the two scripts iscsi-info and 
iscsi-brute. [Patrik]
 2010-12-10 23:20:59 +00:00
patrik
38a21c4d17 o [NSE] Add new script broadcast-ms-sql-discover and removed broadcast 
support from ms-sql-info. [Patrik]
 2010-12-10 23:12:27 +00:00
david
adc460fc22 o [NSE] Added the ftp-proftpd-backdoor.nse script by mak Kolybabi, 
which checks for a backdoor in ProFTPD 1.3.3c.
 2010-12-07 00:22:01 +00:00
david
f8530814ab o [NSE] Added http-vhosts.nse from Carlos Pantelides. This script 
brute-forces virtual hosts by sending different Host headers to the
  same server.
 2010-12-06 05:19:35 +00:00
david
f8b17ae441 o [NSE] Added the hddtemp-info script from Toni Ruotto, which gets 
hard drive temperatures from the hddtemp service.
 2010-11-29 19:00:11 +00:00
fyodor
3652bd6939 Rename a couple http scripts to make it more clear that they use the http protocol and for consistency with other script names 2010-11-20 04:22:51 +00:00
fyodor
10d85c1a6b Removed broadcast-upnp-info and broadcast-dns-service-discovery from the default category. With these running by default, I was getting a bunch of information about printers and stuff on my LAN. Which is great info, and I love the scripts, but that's not what I'm really looking for when just trying to scan scanme.nmap.org 2010-11-20 02:04:00 +00:00
patrik
734f938b04 o [NSE] Added a new Web Service Dynamic Discovery library (wsdd) and the two 
scripts broadcast-wsdd-discover and wsdd-discover. [Patrik]
 2010-11-10 22:35:13 +00:00
patrik
92b6fa9038 o [NSE] Added a new library upnp that provides UPnP support to the scripts 
upnp-info and broadcast-upnp-info. The library is largely based on code
  taken from Thomas Buchanan's upnp-info script. [Patrik]
 2010-11-02 19:05:19 +00:00
david
d4007d43e5 Make rmi-dumpregistry.nse default. 2010-11-02 17:45:07 +00:00
patrik
7b2b7bd227 o [NSE] Added a new library dnssd with supporting functions for DNS Service 
Discovery. Moved multicast prerule from dns-service-discovery to a new
  script called broadcast-dns-service-discovery. [Patrik]
 2010-11-02 17:22:38 +00:00
david
3040659465 Add the rmi.lua library and rmi-dumpregistry.nse script by Martin Holst Swende. 2010-11-01 20:47:48 +00:00
kris
b69d93e2ab o [NSE] Added the ssh2-enum-algos script which reports the number of 
algorithms the target SSH2 server supports, by type. If verbosity
  is set, then the offered algorithms are listed. Output is reduced
  for identical "client to server" and "server to client" lists by
  using a single combined list. [Kris]
 2010-10-29 14:30:00 +00:00
fyodor
203d423d50 Added upnp-info to the discovery category 2010-10-16 21:45:08 +00:00
david
dd7a40b288 Add hostmap.nse from Ange Gutek. 2010-10-16 03:01:08 +00:00
david
d096dd7626 Update script.db. 2010-10-16 01:59:08 +00:00
kris
8d7d95ba57 update script.db 2010-10-13 00:06:39 +00:00
david
7dcd478487 Put nat-pmp-info.nse in the "default" category. Let the portrule match 
the service "nat-pmp". Set the service name "nat-pmp" on success.
 2010-09-28 22:30:18 +00:00
patrik
0ef84cf443 o [NSE] Added nat-pmp-info script that uses the nat-pmp service to 
discover the external IP address of a router. [Patrik]
 2010-09-28 19:43:06 +00:00
kris
29e6257541 Add the resolveall prerule script which takes a table of hosts and adds the 
resolved addresses to Nmap's target queue.
 2010-09-28 02:04:20 +00:00
djalal
15a0dc47b0 Added the targets-traceroute script, which inserts traceroute hops onto Nmap scanning queue. 2010-09-10 01:53:22 +00:00
david
7026f5fdbd o [NSE] Added the firewalk script, which tries to find whether a 
firewall blocks or forwards ports like the firewall tool does. [Henri
  Doreau]
 2010-08-28 16:03:20 +00:00
david
5731d55219 Revert r19993, the addition of firewalk.nse. This depends on an nselib 
change that isn't committed yet.
 2010-08-27 20:03:21 +00:00
david
79da626772 o [NSE] Added the firewalk script, which maps firewall rules in a way 
similar to the firewalk tool. [Henri Doreau]
 2010-08-27 20:01:09 +00:00
kris
57664a51cf Committing MTU-related changes: 
* Adding path-mtu.nse for Path MTU Discovery
* Nmap now stores the MTU for interfaces (from SIOCGIFMTU or libdnet)
* Scripts can access the MTU for host.interface via host.interface_mtu
* Nmap prints the MTU for interfaces in --iflist
 2010-08-24 01:47:12 +00:00
patrik
af76c5dad7 o [NSE] Added GIOP library and a small script that makes use of it: 
- giop-info Queries the CORBA naming server for a list of objects
  [Patrik]
 2010-08-19 23:14:39 +00:00
patrik
87109b5670 o [NSE] Added a Oracle TNS library and two new scripts that make use of it. 
The scripts are:
  - oracle-brute uses the brute and tns library to perform password guessing
  - oracle-enum-users attempts to determine valid Oracle user names
  [Patrik]
 2010-08-19 23:09:32 +00:00
patrik
e80b196d2e o [NSE] Added a smallish Lotus Domino rpc library (nrpc.lua) and some Lotus 
Domino oriented scripts:
  - domino-enum-users.nse guesses users and attempts to download ID files by
                          exploiting (CVE-2006-5835).
  - domino-enum-passwords attempts to download Internet passwords and ID files
                          from the web server.
  - domcon-brute performs password guessing against the remote console.
  - domcon-cmd adds support for running custom remote console commands.
  [Patrik]
 2010-08-19 23:02:58 +00:00
patrik
73b01af10a o [NSE] Added an Informix library and three scripts that make use of it: 
- informix-brute uses the brute framework to perform password guessing
  - informix-query add support for running SQL queries against Informix
  - informix-tables lists table- and column-names for a given database
  [Patrik]
 2010-08-19 22:47:52 +00:00
patrik
a2c2a3f84c o [NSE] Added two new scripts http-brute.nse and http-form-brute that attempt 
to perform password guessing against web servers and applications. [Patrik]
 2010-08-19 20:53:40 +00:00
david
9cbfbbaadc Remove a script.db entry for an uncommitted script I am working on, 
ovs-agent-version.nse.
 2010-08-17 22:44:28 +00:00